Interfaces for Personal Identity Verification

Author(s)

James F. Dray Jr., Scott Guthery, Teresa T. Schwarzhoff

Abstract

[Superseded by SP 800-73-1 (March 2006): http://www.nist.gov/manuscript-publication-search.cfm?pub_id=150633] SP 800-73 specifies smart card interfaces used to retrieve and use identity credentials. These specifications reflect the design goals of interoperability and PIV Card functions. The goals are addressed by specifying the PIV data model, communication interface, and application programming interface (API). Specifications include the PIV data model, API, and card interface requirements necessary to comply with the mandated use cases for interoperability across deployments or agencies. Interoperability is defined as the use of PIV identity credentials such that client APIs, compliant card applications and compliant integrated circuit cards can be used interchangeably by information processing systems across Federal agencies. SP 800-73 does not address the back-end processes that must be performed to attain full identity assertion. The document describes two realizations of the client-application programming and card command interfaces for personal identity verification: the transitional interfaces and the end-point interfaces. Transitional interfaces may be used by agencies with an existing identity card program as an optional step in evolving to the end-point interfaces. End-point interfaces are used by agencies without an existing identity card program and by agencies that elect to evolve to the end-point interface in one step rather than two. SP 800-73 is divided into three parts: Part 1 provides specifications common to both the transitional and end-point interfaces and guidance on strategies for migrating from the transitional interfaces to the end-point interfaces; Part 2 describes the subsets of GSC-ISv2.1 that comprise the transitional interfaces to the PIV data model; and Part 3 describes the PIV data model's end-point interfaces.